ext_29436 ([identity profile] wimble.livejournal.com) wrote in [personal profile] sesquipedality 2005-02-02 04:40 am (UTC)

Is that ipfilter? Oooh, don't know that one. :(

I'll second [livejournal.com profile] ewx's suggestion: log everything. Even the packets you're already accepting (ie. the packets that are returned from your outgoing connections). It might show that they're weird in some way, which then affects the stuff that's causing difficulty.

eg. if your upstream hardware is NATting incoming traffic so your machines think it's coming from an unroutable address, you'd probably drop it before anything else (Remember: I don't read ipfilter, so I'm guessing at what the rules mean). Of course, such hardware will cause further problems. But by logging everything you should get some clues.
(22 comments)

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting
 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.